[Deploy] 테스트 서버 배포 설정 (#11)

* deploy: Github Actions Jobs 추가 (#6) * fix: jwt 개선된 문법으로 수정 (#6) * chore: 상세한 오류 내용 확인을 위한 문구 추가 (#6) * chore: jwt 주석 처리 수정 (#6) * chore: 도커 로그인 방식 최신화 (#6) * chore: 도커 로그인 방식 수정 (#6) * chore: 도커 레포지토리 수정 (#6) * chore: 도커 레포지토리 경로 수정 (#6) * chore: 도커 레포지토리 수정 (#6) * feat: WebConfig 추가 (#6) * chore: 레디스 관련 설정 (#6)
Someup · Sep 11, 2024 · 64c808a · 64c808a
1 parent a2dd253
commit 64c808a
Show file tree

Hide file tree

Showing 6 changed files with 180 additions and 4 deletions.
diff --git a/.github/workflows/someup_dev.yml b/.github/workflows/someup_dev.yml
@@ -0,0 +1,122 @@
+name: someup_dev
+
+on:
+  push:
+    branches: [ "develop" ]
+  pull_request:
+    branches: [ "develop" ]
+
+jobs:
+  develop:
+    # 실행 환경
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      # JDK 17
+      - name: Set up JDK 17
+        uses: actions/setup-java@v3
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+
+      # Gradle Caching
+      - name: Gradle Caching
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: |
+            ${{ runner.os }}-gradle-
+      # application-dev.yml
+      - name: Copy dev Secret
+        env:
+          DEV_SECRET: ${{ secrets.APPLICATION_DEV_YML }}
+          DEV_SECRET_DIR: src/main/resources
+          DEV_SECRET_DIR_FILE_NAME: application-dev.yml
+        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME
+
+      # application-oauth.yml
+      - name: Copy oauth Secret
+        env:
+          DEV_SECRET: ${{ secrets.APPLICATION_OAUTH_YML }}
+          DEV_SECRET_DIR: src/main/resources
+          DEV_SECRET_DIR_FILE_NAME: application-oauth.yml
+        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME
+
+      # application-jwt.yml
+      - name: Copy jwt Secret
+        env:
+          DEV_SECRET: ${{ secrets.APPLICATION_JWT_YML }}
+          DEV_SECRET_DIR: src/main/resources
+          DEV_SECRET_DIR_FILE_NAME: application-jwt.yml
+        run: echo $DEV_SECRET | base64 --decode >> $DEV_SECRET_DIR/$DEV_SECRET_DIR_FILE_NAME
+
+      # ./gradlew 권한 설정
+      - name: ./gradlew 권한 설정
+        run: chmod +x ./gradlew
+
+      # Gradle Build
+      - name: Build with Gradle
+        run: |
+          ./gradlew clean
+          ./gradlew compileJava
+          ./gradlew build
+
+      # Docker Build하고 DockerHub에 Push
+      - name: Docker Build & Push to DockerHub
+        run: |
+          docker login -u ${{ secrets.DOCKER_USERNAME }} -p ${{ secrets.DOCKER_PASSWORD }}
+          docker build -t ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest .
+          docker push ${{ secrets.DOCKER_USERNAME }}/${{ secrets.DOCKER_REPO }}:latest
+
+      # GitHub IP를 요청
+      - name: Get GitHub IP
+        id: ip
+        uses: haythem/public-ip@v1.2
+
+      # AWS 세팅
+      - name: AWS Setting
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }}
+          aws-region: ap-northeast-2
+
+      # GitHub IP를 AWS에 추가
+      - name: Add GitHub IP to AWS
+        run: |
+          aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
+
+      # docker-compose.yml 파일 EC2로 복사
+      - name: Copy docker-compose.yml to EC2
+        uses: appleboy/scp-action@master
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: 22
+          source: "./docker-compose.yml"
+          target: "./someup"
+
+      # SSH Key로 서버에 접속하고 docker-compose image를 pull 받고 실행하기
+      - name: Access Server with SSH Key, pull and execute docker-compose image
+        uses: appleboy/ssh-action@v0.1.6
+        with:
+          host: ${{ secrets.EC2_HOST }}
+          username: ${{ secrets.EC2_USERNAME }}
+          key: ${{ secrets.KEY }}
+          port: 22
+          script: |
+            cd someup
+            sudo docker-compose down
+            sudo docker-compose pull
+            sudo docker-compose up -d
+            sudo docker image prune -f
+      # Security Group에서 Github IP를 삭제
+      - name: Remove Github IP From Security Group
+        run: |
+          aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,4 @@
+FROM openjdk:17-jdk
+ARG JAR_FILE=build/libs/*.jar
+COPY ${JAR_FILE} /app.jar
+ENTRYPOINT ["java", "-jar", "/app.jar"]
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,25 @@
+services:
+  springboot:
+    container_name: someup # ec2내에서 동작하는 컨테이너명
+    image: someupsite/someup:latest
+    ports:
+      - 8080:8080
+    environment:
+      SPRING_PROFILES_ACTIVE : dev-env # 사용할 profile
+    networks:
+      - my_network
+
+  redis:
+    image: redis
+    container_name: redis-cache
+    environment:
+      REDIS_PASSWORD: password
+    command: ["redis-server", "--requirepass", "password", "--port", "6379"]
+    ports:
+      - 6379:6379
+    networks:
+      - my_network
+
+networks:
+  my_network:
+    driver: bridge
diff --git a/src/main/java/project/backend/common/auth/token/TokenProvider.java b/src/main/java/project/backend/common/auth/token/TokenProvider.java
@@ -78,7 +78,7 @@ public TokenResponse createToken(String userId, String email, String role) {
 
   public Authentication getAuthentication(String token) {
     Claims claims = Jwts.parserBuilder()
-                        .setSigningKey(secretKey)
+                        .setSigningKey(key)
                         .build()
                         .parseClaimsJws(token)
                         .getBody();
@@ -104,7 +104,7 @@ public Authentication getAuthentication(String token) {
   public boolean validate(String token) {
     try {
       Jwts.parserBuilder()
-          .setSigningKey(secretKey)
+          .setSigningKey(key)
           .build()
           .parseClaimsJws(token);
       return true;
@@ -122,7 +122,7 @@ public boolean validate(String token) {
   public boolean validateExpired(String token) {
     try {
       Jwts.parserBuilder()
-          .setSigningKey(secretKey)
+          .setSigningKey(key)
           .build()
           .parseClaimsJws(token);
       return true;

diff --git a/src/main/java/project/backend/common/config/WebConfig.java b/src/main/java/project/backend/common/config/WebConfig.java
@@ -0,0 +1,25 @@
+package project.backend.common.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+
+  @Override
+  public void addCorsMappings(CorsRegistry registry) {
+    registry.addMapping("/**")
+            .allowedOriginPatterns("*")
+            .allowedMethods(
+                HttpMethod.GET.name(),
+                HttpMethod.POST.name(),
+                HttpMethod.PUT.name(),
+                HttpMethod.PATCH.name(),
+                HttpMethod.DELETE.name()
+            )
+            .allowCredentials(true)
+            .exposedHeaders("*");
+  }
+}
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -1,7 +1,7 @@
 spring:
   profiles:
     active:
-      local
+      dev
     group:
       local-env:
         - local